[Dshield] Microsoft ASN.1

Erik van Straten emvs.dsh.3FB4CC72 at cpo.tn.tudelft.nl
Fri Feb 13 18:32:00 GMT 2004


Mark,

On Thu, 12 Feb 2004 21:21:28 +0100 Mark Rowlands wrote:
> On Thursday, February 12, 2004 8:01 PM Chuck Lewis wrote:
> > "Within the first 10 minutes of hooking up to a home 
> > broadband connection you have been "found" and within the 
> > next 10 minutes attacks have started against your PC". 

I can confirm this. An exception could be if you're using a DSL modem
with NAT and builtin firewall. Otherwise (dialup, university net, and
perhaps companies), when you install XP SP0 and try to register or
patch, your PC will be cracked before you realize what's happening.
Just look at logs of any (logging, & disk not full) internet facing
firewall.

> I love this stuff, eating fries will give you cancer, smoking
> dope leads inexorably to heroin abuse and the internet is chockful
> of wild eyed script kiddies that are out to get you...personally. 
>
> Now I am not saying you shouldn't take all reasonable precautions,
> what I am saying is you shouldn't throw wild claims (or clams for
> that matter) around.  It just makes you sound a bit on the deranged
> side.
>
> I have found that a rational, calm, measured explanation of the
> cost / benefit / risk equation is far more effective in persuading,
> particularly home users, that a firewall, and the requisite effort
> in learning how to deploy it, is  a worthwhile investment.

Why do you think Johannes Ullrich wrote (direct link):

http://www.sans.org/rr/papers/67/1298.pdf ?

It's referenced from the main page at http://isc.sans.org/ - check out
"Windows XP: Surviving the first day. (PDF)". A must-read. Note: the
Acrobat plugin may take some time to show anything, just be patient.

Johannes: maybe you could provide a separate link to the PDF itself,
like I did above, so people can download more easily and burn on CD or
write to floppy (and thanks for an extremely helpful document;
nothing I didn't know myself, but now I can just point people to it)!

Regards,
Erik




More information about the list mailing list